Add bump-to-front role

2019-11-05 19:24:51 +01:00 · 2019-11-05 19:24:51 +01:00 · ce1e10c116
parent 45f8a0ef66
commit ce1e10c116
4 changed files with 25 additions and 2 deletions
--- a/src/lib/Hydra/Controller/Build.pm
+++ b/src/lib/Hydra/Controller/Build.pm
@ -540,7 +540,7 @@ sub bump : Chained('buildChain') PathPart('bump') {
    my $build = $c->stash->{build};
-    requireProjectOwner($c, $build->project); # FIXME: require admin?
+    requireBumpPrivileges($c, $build->project);
    $c->model('DB')->schema->txn_do(sub {
        $build->update({globalpriority => time()});
--- a/src/lib/Hydra/Controller/JobsetEval.pm
+++ b/src/lib/Hydra/Controller/JobsetEval.pm
@ -210,7 +210,7 @@ sub restart_failed : Chained('evalChain') PathPart('restart-failed') Args(0) {
 sub bump : Chained('evalChain') PathPart('bump') Args(0) {
    my ($self, $c) = @_;
-    requireProjectOwner($c, $c->stash->{eval}->project); # FIXME: require admin?
+    requireBumpPrivileges($c, $c->stash->{eval}->project); # FIXME: require admin?
    my $builds = $c->stash->{eval}->builds->search({ finished => 0 });
    my $n = $builds->count();
    $c->model('DB')->schema->txn_do(sub {
--- a/src/lib/Hydra/Helper/CatalystUtils.pm
+++ b/src/lib/Hydra/Helper/CatalystUtils.pm
@ -13,6 +13,7 @@ our @EXPORT = qw(
    searchBuildsAndEvalsForJobset
    error notFound gone accessDenied
    forceLogin requireUser requireProjectOwner requireRestartPrivileges requireAdmin requirePost isAdmin isProjectOwner
    requireBumpPrivileges
    trim
    getLatestFinishedEval getFirstEval
    paramToList
@ -181,6 +182,27 @@ sub isProjectOwner {
         defined $c->model('DB::ProjectMembers')->find({ project => $project, userName => $c->user->username }));
 }
 sub hasBumpJobsRole {
    my ($c) = @_;
    return $c->user_exists && $c->check_user_roles('bump-to-front');
 }
 sub mayBumpJobs {
    my ($c, $project) = @_;
    return
        $c->user_exists &&
        (isAdmin($c) ||
         hasBumpJobsRole($c) ||
         isProjectOwner($c, $project));
 }
 sub requireBumpPrivileges {
    my ($c, $project) = @_;
    requireUser($c);
    accessDenied($c, "Only the project members, administrators, and accounts with bump-to-front privileges can perform this operation.")
        unless mayBumpJobs($c, $project);
 }
 sub hasRestartJobsRole {
    my ($c) = @_;
    return $c->user_exists && $c->check_user_roles('restart-jobs');
--- a/src/root/user.tt
+++ b/src/root/user.tt
@ -81,6 +81,7 @@
            [% INCLUDE roleoption role="admin" %]
            [% INCLUDE roleoption role="create-projects" %]
            [% INCLUDE roleoption role="restart-jobs" %]
            [% INCLUDE roleoption role="bump-to-front" %]
          </select>
        </div>
      </div>